IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v17y2025i6p2386-d1608368.html
   My bibliography  Save this article

Cybersecurity Threat Modeling for IoT-Integrated Smart Solar Energy Systems: Strengthening Resilience for Global Energy Sustainability

Author

Listed:
  • Alexandre Rekeraho

    (Electronics and Computers Department, Transilvania University of Brasov, 500036 Brasov, Romania)

  • Daniel Tudor Cotfas

    (Electronics and Computers Department, Transilvania University of Brasov, 500036 Brasov, Romania)

  • Titus C. Balan

    (Electronics and Computers Department, Transilvania University of Brasov, 500036 Brasov, Romania)

  • Petru Adrian Cotfas

    (Electronics and Computers Department, Transilvania University of Brasov, 500036 Brasov, Romania)

  • Rebecca Acheampong

    (Electronics and Computers Department, Transilvania University of Brasov, 500036 Brasov, Romania)

  • Emmanuel Tuyishime

    (Electronics and Computers Department, Transilvania University of Brasov, 500036 Brasov, Romania)

Abstract

The integration of Internet of Things (IoT) technologies into solar energy systems has transformed them into smart solar energy systems, enabling advanced real-time monitoring, control, and optimization. However, this connectivity also expands the attack surface, exposing critical components to cybersecurity threats that could compromise system reliability and long-term sustainability. This study presents a comprehensive cybersecurity threat modeling analysis for IoT-based smart solar energy systems using the STRIDE threat model to systematically identify, categorize, and assess potential security risks. These risks, if unmitigated, could disrupt operations and hinder large-scale adoption of solar energy. The methodology begins with a system use case outlining the architecture and key components, including sensors, PV modules, IoT nodes, gateways, cloud infrastructure, and remote-access interfaces. A Data Flow Diagram (DFD) was developed to visualize the data flow and identify the critical trust boundaries. The STRIDE model was applied to classify threats, such as spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege across components and their interactions. The DREAD risk assessment model was then used to prioritize threats based on the Damage Potential, Reproducibility, Exploitability, Affected Users, and Disability. The results indicate that most threats fall into the high-risk category, with scores ranging from 2.6 to 2.8, emphasizing the need for targeted mitigation. This study proposes security recommendations to address the identified threats and enhance the resilience of IoT-enabled solar energy systems. By securing these infrastructures, this research supports the transition to sustainable energy by ensuring system integrity and protection against cyber threats. The combined use of STRIDE and DREAD provides a robust framework for identifying, categorizing, and prioritizing risks, enabling effective resource allocation and targeted security measures. These findings offer critical insights into safeguarding renewable energy systems against evolving cyber threats, contributing to global energy sustainability goals in an increasingly interconnected world.

Suggested Citation

  • Alexandre Rekeraho & Daniel Tudor Cotfas & Titus C. Balan & Petru Adrian Cotfas & Rebecca Acheampong & Emmanuel Tuyishime, 2025. "Cybersecurity Threat Modeling for IoT-Integrated Smart Solar Energy Systems: Strengthening Resilience for Global Energy Sustainability," Sustainability, MDPI, vol. 17(6), pages 1-31, March.
    • Handle: RePEc:gam:jsusta:v:17:y:2025:i:6:p:2386-:d:1608368
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/17/6/2386/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/17/6/2386/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Zhai, Xiangyu & Li, Zening & Li, Zhengmao & Xue, Yixun & Chang, Xinyue & Su, Jia & Jin, Xiaolong & Wang, Peng & Sun, Hongbin, 2025. "Risk-averse energy management for integrated electricity and heat systems considering building heating vertical imbalance: An asynchronous decentralized approach," Applied Energy, Elsevier, vol. 383(C).
    2. Ebrahim Mohammadi & Gerry Moschopoulos & Aoxia Chen, 2025. "Boosting Solar Sustainability: Performance Assessment of Roof-Mounted PV Arrays Under Snow Considering Various Module Interconnection Schemes," Sustainability, MDPI, vol. 17(1), pages 1-28, January.
    3. Dalibor Dobrilovic & Jasmina Pekez & Eleonora Desnica & Ljiljana Radovanovic & Ivan Palinkas & Milica Mazalica & Luka Djordjević & Sinisa Mihajlovic, 2023. "Data Acquisition for Estimating Energy-Efficient Solar-Powered Sensor Node Performance for Usage in Industrial IoT," Sustainability, MDPI, vol. 15(9), pages 1-22, April.
    4. Yunus Kareem & Djamel Djenouri & Essam Ghadafi, 2024. "A Survey on Emerging Blockchain Technology Platforms for Securing the Internet of Things," Future Internet, MDPI, vol. 16(8), pages 1-19, August.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Bin Ji & Haiyang Huang & Yu Gao & Fangliang Zhu & Jie Gao & Chen Chen & Samson S. Yu & Zenghai Zhao, 2025. "Long-Term Stochastic Co-Scheduling of Hydro–Wind–PV Systems Using Enhanced Evolutionary Multi-Objective Optimization," Sustainability, MDPI, vol. 17(5), pages 1-34, March.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:17:y:2025:i:6:p:2386-:d:1608368. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.